aws-lambda-api-tools 0.1.22 → 0.1.24
- package/bin/bootstrap-iam.js +53 -1
- package/dist/bin/bootstrap-iam.js +78 -34
- package/dist/bin/bootstrap-iam.js.map +1 -1
- package/dist/index.d.ts +2 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +9 -1
- package/dist/index.js.map +1 -1
- package/dist/lib/lambda-route-proxy-entry-handler.d.ts.map +1 -1
- package/dist/lib/lambda-route-proxy-entry-handler.js +19 -7
- package/dist/lib/lambda-route-proxy-entry-handler.js.map +1 -1
- package/dist/lib/middleware-helpers.d.ts +50 -0
- package/dist/lib/middleware-helpers.d.ts.map +1 -0
- package/dist/lib/middleware-helpers.js +111 -0
- package/dist/lib/middleware-helpers.js.map +1 -0
- package/dist/lib/security-config-loader.d.ts +15 -0
- package/dist/lib/security-config-loader.d.ts.map +1 -0
- package/dist/lib/security-config-loader.js +257 -0
- package/dist/lib/security-config-loader.js.map +1 -0
- package/dist/lib/types-and-interfaces.d.ts +18 -0
- package/dist/lib/types-and-interfaces.d.ts.map +1 -1
- package/package.json +2 -1
|
@@ -0,0 +1,257 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
24
|
+
};
|
|
25
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
|
+
exports.generateJwtRotationHeaders = exports.generateCorsHeaders = exports.loadSecurityConfig = void 0;
|
|
27
|
+
const fs = __importStar(require("fs"));
|
|
28
|
+
const path = __importStar(require("path"));
|
|
29
|
+
/**
|
|
30
|
+
* Default security configuration (minimal and secure)
|
|
31
|
+
*/
|
|
32
|
+
const DEFAULT_SECURITY_CONFIG = {
|
|
33
|
+
cors: {
|
|
34
|
+
allowOrigin: [],
|
|
35
|
+
allowMethods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
|
|
36
|
+
allowHeaders: ['Content-Type', 'Authorization'],
|
|
37
|
+
allowCredentials: false,
|
|
38
|
+
maxAge: 86400, // 24 hours
|
|
39
|
+
},
|
|
40
|
+
defaultHeaders: {
|
|
41
|
+
'Content-Type': 'application/json',
|
|
42
|
+
'X-Content-Type-Options': 'nosniff',
|
|
43
|
+
'X-Frame-Options': 'DENY',
|
|
44
|
+
'X-XSS-Protection': '1; mode=block',
|
|
45
|
+
},
|
|
46
|
+
jwtRotationHeaders: {
|
|
47
|
+
enabled: true,
|
|
48
|
+
rotationRequiredHeader: 'X-Token-Rotation-Required',
|
|
49
|
+
rotationReasonHeader: 'X-Token-Rotation-Reason',
|
|
50
|
+
},
|
|
51
|
+
};
|
|
52
|
+
/**
|
|
53
|
+
* Load security configuration from project root
|
|
54
|
+
* Looks for: api-security.json, api-security.js, or embedded in package.json
|
|
55
|
+
*/
|
|
56
|
+
function loadSecurityConfig(projectRoot = process.cwd()) {
|
|
57
|
+
const configPaths = [
|
|
58
|
+
path.join(projectRoot, 'api-security.json'),
|
|
59
|
+
path.join(projectRoot, 'api-security.js'),
|
|
60
|
+
path.join(projectRoot, '.api-security.json'),
|
|
61
|
+
];
|
|
62
|
+
let userConfig = {};
|
|
63
|
+
// Try to load from dedicated config files
|
|
64
|
+
for (const configPath of configPaths) {
|
|
65
|
+
if (fs.existsSync(configPath)) {
|
|
66
|
+
try {
|
|
67
|
+
if (configPath.endsWith('.js')) {
|
|
68
|
+
// eslint-disable-next-line @typescript-eslint/no-var-requires
|
|
69
|
+
userConfig = require(configPath);
|
|
70
|
+
}
|
|
71
|
+
else {
|
|
72
|
+
const configContent = fs.readFileSync(configPath, 'utf8');
|
|
73
|
+
userConfig = JSON.parse(configContent);
|
|
74
|
+
}
|
|
75
|
+
console.log(`Loaded security config from: ${configPath}`);
|
|
76
|
+
break;
|
|
77
|
+
}
|
|
78
|
+
catch (error) {
|
|
79
|
+
console.warn(`Failed to load security config from ${configPath}:`, error);
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
// Try to load from package.json
|
|
84
|
+
if (Object.keys(userConfig).length === 0) {
|
|
85
|
+
const packageJsonPath = path.join(projectRoot, 'package.json');
|
|
86
|
+
if (fs.existsSync(packageJsonPath)) {
|
|
87
|
+
try {
|
|
88
|
+
const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8'));
|
|
89
|
+
if (packageJson.apiSecurity) {
|
|
90
|
+
userConfig = packageJson.apiSecurity;
|
|
91
|
+
console.log('Loaded security config from package.json');
|
|
92
|
+
}
|
|
93
|
+
}
|
|
94
|
+
catch (error) {
|
|
95
|
+
console.warn('Failed to load security config from package.json:', error);
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
}
|
|
99
|
+
// Merge with defaults and validate
|
|
100
|
+
const mergedConfig = mergeSecurityConfig(DEFAULT_SECURITY_CONFIG, userConfig);
|
|
101
|
+
validateSecurityConfig(mergedConfig);
|
|
102
|
+
return mergedConfig;
|
|
103
|
+
}
|
|
104
|
+
exports.loadSecurityConfig = loadSecurityConfig;
|
|
105
|
+
/**
|
|
106
|
+
* Deep merge security configurations
|
|
107
|
+
*/
|
|
108
|
+
function mergeSecurityConfig(defaults, user) {
|
|
109
|
+
return {
|
|
110
|
+
cors: {
|
|
111
|
+
...defaults.cors,
|
|
112
|
+
...user.cors,
|
|
113
|
+
},
|
|
114
|
+
defaultHeaders: {
|
|
115
|
+
...defaults.defaultHeaders,
|
|
116
|
+
...user.defaultHeaders,
|
|
117
|
+
},
|
|
118
|
+
jwtRotationHeaders: {
|
|
119
|
+
...defaults.jwtRotationHeaders,
|
|
120
|
+
...user.jwtRotationHeaders,
|
|
121
|
+
},
|
|
122
|
+
};
|
|
123
|
+
}
|
|
124
|
+
/**
|
|
125
|
+
* Validate security configuration for common misconfigurations
|
|
126
|
+
*/
|
|
127
|
+
function validateSecurityConfig(config) {
|
|
128
|
+
// Validate CORS configuration
|
|
129
|
+
if (config.cors) {
|
|
130
|
+
const { allowOrigin, allowCredentials } = config.cors;
|
|
131
|
+
// Check for dangerous wildcard with credentials
|
|
132
|
+
const hasWildcard = allowOrigin === '*' ||
|
|
133
|
+
(Array.isArray(allowOrigin) && allowOrigin.some(origin => origin === '*'));
|
|
134
|
+
if (allowCredentials && hasWildcard) {
|
|
135
|
+
throw new Error('SECURITY ERROR: Cannot use Access-Control-Allow-Credentials: true with Access-Control-Allow-Origin: *. ' +
|
|
136
|
+
'This is a security vulnerability. Specify explicit origins instead.');
|
|
137
|
+
}
|
|
138
|
+
// Warn about wildcard origins
|
|
139
|
+
if (hasWildcard) {
|
|
140
|
+
console.warn('WARNING: Using wildcard (*) for Access-Control-Allow-Origin. ' +
|
|
141
|
+
'Consider specifying explicit origins for better security.');
|
|
142
|
+
}
|
|
143
|
+
// Validate that origins are provided
|
|
144
|
+
if (Array.isArray(allowOrigin) && allowOrigin.length === 0) {
|
|
145
|
+
console.warn('WARNING: No CORS origins configured. API will reject all cross-origin requests. ' +
|
|
146
|
+
'Configure allowOrigin in your security config if cross-origin access is needed.');
|
|
147
|
+
}
|
|
148
|
+
}
|
|
149
|
+
// Validate headers
|
|
150
|
+
if (config.defaultHeaders) {
|
|
151
|
+
const headers = config.defaultHeaders;
|
|
152
|
+
// Check for missing security headers
|
|
153
|
+
const recommendedHeaders = [
|
|
154
|
+
'X-Content-Type-Options',
|
|
155
|
+
'X-Frame-Options',
|
|
156
|
+
'X-XSS-Protection',
|
|
157
|
+
];
|
|
158
|
+
for (const header of recommendedHeaders) {
|
|
159
|
+
if (!headers[header]) {
|
|
160
|
+
console.warn(`SECURITY: Consider adding ${header} header for better security`);
|
|
161
|
+
}
|
|
162
|
+
}
|
|
163
|
+
}
|
|
164
|
+
}
|
|
165
|
+
/**
|
|
166
|
+
* Check if an origin matches allowed origins (including regex patterns)
|
|
167
|
+
*/
|
|
168
|
+
function isOriginAllowed(requestOrigin, allowOrigin, allowOriginPatterns) {
|
|
169
|
+
if (!allowOrigin && !allowOriginPatterns) {
|
|
170
|
+
return false;
|
|
171
|
+
}
|
|
172
|
+
// Handle wildcard
|
|
173
|
+
if (allowOrigin === '*') {
|
|
174
|
+
return true;
|
|
175
|
+
}
|
|
176
|
+
// Handle different allowOrigin types
|
|
177
|
+
if (Array.isArray(allowOrigin)) {
|
|
178
|
+
for (const origin of allowOrigin) {
|
|
179
|
+
if (typeof origin === 'string' && origin === requestOrigin) {
|
|
180
|
+
return true;
|
|
181
|
+
}
|
|
182
|
+
if (origin instanceof RegExp && origin.test(requestOrigin)) {
|
|
183
|
+
return true;
|
|
184
|
+
}
|
|
185
|
+
}
|
|
186
|
+
}
|
|
187
|
+
else if (typeof allowOrigin === 'string') {
|
|
188
|
+
return allowOrigin === requestOrigin;
|
|
189
|
+
}
|
|
190
|
+
else if (allowOrigin instanceof RegExp) {
|
|
191
|
+
return allowOrigin.test(requestOrigin);
|
|
192
|
+
}
|
|
193
|
+
// Handle regex patterns from JSON config (as strings)
|
|
194
|
+
if (allowOriginPatterns && allowOriginPatterns.length > 0) {
|
|
195
|
+
for (const pattern of allowOriginPatterns) {
|
|
196
|
+
try {
|
|
197
|
+
const regex = new RegExp(pattern);
|
|
198
|
+
if (regex.test(requestOrigin)) {
|
|
199
|
+
return true;
|
|
200
|
+
}
|
|
201
|
+
}
|
|
202
|
+
catch (error) {
|
|
203
|
+
console.warn(`Invalid regex pattern in allowOriginPatterns: ${pattern}`, error);
|
|
204
|
+
}
|
|
205
|
+
}
|
|
206
|
+
}
|
|
207
|
+
return false;
|
|
208
|
+
}
|
|
209
|
+
/**
|
|
210
|
+
* Generate CORS headers based on configuration and request origin
|
|
211
|
+
*/
|
|
212
|
+
function generateCorsHeaders(config, requestOrigin) {
|
|
213
|
+
const headers = {};
|
|
214
|
+
if (!config.cors || !requestOrigin) {
|
|
215
|
+
return headers;
|
|
216
|
+
}
|
|
217
|
+
const { allowOrigin, allowOriginPatterns, allowMethods, allowHeaders, allowCredentials, maxAge } = config.cors;
|
|
218
|
+
// Check if the request origin is allowed
|
|
219
|
+
if (isOriginAllowed(requestOrigin, allowOrigin, allowOriginPatterns)) {
|
|
220
|
+
// IMPORTANT: Always return the exact request origin, never the pattern
|
|
221
|
+
headers['Access-Control-Allow-Origin'] = requestOrigin;
|
|
222
|
+
// Add other CORS headers only if origin is allowed
|
|
223
|
+
if (allowMethods && allowMethods.length > 0) {
|
|
224
|
+
headers['Access-Control-Allow-Methods'] = allowMethods.join(', ');
|
|
225
|
+
}
|
|
226
|
+
if (allowHeaders && allowHeaders.length > 0) {
|
|
227
|
+
headers['Access-Control-Allow-Headers'] = allowHeaders.join(', ');
|
|
228
|
+
}
|
|
229
|
+
if (allowCredentials) {
|
|
230
|
+
headers['Access-Control-Allow-Credentials'] = 'true';
|
|
231
|
+
}
|
|
232
|
+
if (maxAge) {
|
|
233
|
+
headers['Access-Control-Max-Age'] = maxAge.toString();
|
|
234
|
+
}
|
|
235
|
+
}
|
|
236
|
+
return headers;
|
|
237
|
+
}
|
|
238
|
+
exports.generateCorsHeaders = generateCorsHeaders;
|
|
239
|
+
/**
|
|
240
|
+
* Generate JWT rotation headers if needed
|
|
241
|
+
*/
|
|
242
|
+
function generateJwtRotationHeaders(config, routeData) {
|
|
243
|
+
const headers = {};
|
|
244
|
+
if (!config.jwtRotationHeaders?.enabled || !routeData?.needsJwtRotation) {
|
|
245
|
+
return headers;
|
|
246
|
+
}
|
|
247
|
+
const { rotationRequiredHeader, rotationReasonHeader } = config.jwtRotationHeaders;
|
|
248
|
+
if (rotationRequiredHeader) {
|
|
249
|
+
headers[rotationRequiredHeader] = 'true';
|
|
250
|
+
}
|
|
251
|
+
if (rotationReasonHeader) {
|
|
252
|
+
headers[rotationReasonHeader] = 'secret-rotated';
|
|
253
|
+
}
|
|
254
|
+
return headers;
|
|
255
|
+
}
|
|
256
|
+
exports.generateJwtRotationHeaders = generateJwtRotationHeaders;
|
|
257
|
+
//# sourceMappingURL=security-config-loader.js.map
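Review bot: `validateSecurityConfig` blocks `allowCredentials` only when `allowOrigin` holds a literal `*`, but `isOriginAllowed` also accepts any origin matched by a `RegExp` entry or an `allowOriginPatterns` string, and those are tested unanchored (`new RegExp(pattern)` followed by `regex.test(requestOrigin)`), so a pattern like `example\.com` (constructed sample) also matches origins that merely contain that text. Because `generateCorsHeaders` then echoes the request origin and may add `Access-Control-Allow-Credentials: true`, an over-broad pattern has the same effect as the wildcard-with-credentials case the validator is meant to stop. I would anchor string patterns when compiling them, `const regex = new RegExp('^(?:' + pattern + ')$');`, and have the validator warn or throw when `allowCredentials` is combined with patterns. Since the allowed origin is reflected per request, the response should also carry `headers['Vary'] = 'Origin';` unless a caller adds it elsewhere, so shared caches do not serve one origin's CORS headers to another. Separately, `userConfig = require(configPath)` executes `api-security.js` from `process.cwd()`, so the docstring of `loadSecurityConfig` should state that the project root must be a trusted location.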
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"security-config-loader.js","sourceRoot":"","sources":["../../src/lib/security-config-loader.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAG7B;;GAEG;AACH,MAAM,uBAAuB,GAAmB;IAC9C,IAAI,EAAE;QACJ,WAAW,EAAE,EAAE;QACf,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,CAAC;QACzD,YAAY,EAAE,CAAC,cAAc,EAAE,eAAe,CAAC;QAC/C,gBAAgB,EAAE,KAAK;QACvB,MAAM,EAAE,KAAK,EAAE,WAAW;KAC3B;IACD,cAAc,EAAE;QACd,cAAc,EAAE,kBAAkB;QAClC,wBAAwB,EAAE,SAAS;QACnC,iBAAiB,EAAE,MAAM;QACzB,kBAAkB,EAAE,eAAe;KACpC;IACD,kBAAkB,EAAE;QAClB,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,2BAA2B;QACnD,oBAAoB,EAAE,yBAAyB;KAChD;CACF,CAAC;AAEF;;;GAGG;AACH,SAAgB,kBAAkB,CAAC,cAAsB,OAAO,CAAC,GAAG,EAAE;IACpE,MAAM,WAAW,GAAG;QAClB,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,mBAAmB,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,iBAAiB,CAAC;QACzC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,oBAAoB,CAAC;KAC7C,CAAC;IAEF,IAAI,UAAU,GAA4B,EAAE,CAAC;IAE7C,0CAA0C;IAC1C,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;QACpC,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE;YAC7B,IAAI;gBACF,IAAI,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;oBAC9B,8DAA8D;oBAC9D,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;iBAClC;qBAAM;oBACL,MAAM,aAAa,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;oBAC1D,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;iBACxC;gBACD,OAAO,CAAC,GAAG,CAAC,gCAAgC,UAAU,EAAE,CAAC,CAAC;gBAC1D,MAAM;aACP;YAAC,OAAO,KAAK,EAAE;gBACd,OAAO,CAAC,IAAI,CAAC,uCAAuC,UAAU,GAAG,EAAE,KAAK,CAAC,CAAC;aAC3E;SACF;KACF;IAED,gCAAgC;IAChC,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;QACxC,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;QAC/D,IAAI,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE;YAClC,IAAI;gBACF,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC,CAAC;gBACzE,IAAI,WAAW,CAAC,WAAW,EAAE;oBAC3B,UAAU,GAAG,WAAW,CAAC,WAAW,CAAC;oBACrC,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;iBACzD;aACF;YAAC,OAAO,KAAK,EAAE;gBACd,OAAO,CAAC,IAAI,CAAC,mDAAmD,EAAE,KAAK,CAAC,CAAC;aAC1E;SACF;KACF;IAED,mCAAmC;IACnC,MAAM,YAAY,GAAG,mBAAmB,CAAC,uBAAuB,EAAE,UAAU,
CAAC,CAAC;IAC9E,sBAAsB,CAAC,YAAY,CAAC,CAAC;IAErC,OAAO,YAAY,CAAC;AACtB,CAAC;AAjDD,gDAiDC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,QAAwB,EAAE,IAA6B;IAClF,OAAO;QACL,IAAI,EAAE;YACJ,GAAG,QAAQ,CAAC,IAAI;YAChB,GAAG,IAAI,CAAC,IAAI;SACb;QACD,cAAc,EAAE;YACd,GAAG,QAAQ,CAAC,cAAc;YAC1B,GAAG,IAAI,CAAC,cAAc;SACvB;QACD,kBAAkB,EAAE;YAClB,GAAG,QAAQ,CAAC,kBAAkB;YAC9B,GAAG,IAAI,CAAC,kBAAkB;SAC3B;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,sBAAsB,CAAC,MAAsB;IACpD,8BAA8B;IAC9B,IAAI,MAAM,CAAC,IAAI,EAAE;QACf,MAAM,EAAE,WAAW,EAAE,gBAAgB,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC;QAEtD,gDAAgD;QAChD,MAAM,WAAW,GAAG,WAAW,KAAK,GAAG;YACrC,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC;QAE7E,IAAI,gBAAgB,IAAI,WAAW,EAAE;YACnC,MAAM,IAAI,KAAK,CACb,yGAAyG;gBACzG,qEAAqE,CACtE,CAAC;SACH;QAED,8BAA8B;QAC9B,IAAI,WAAW,EAAE;YACf,OAAO,CAAC,IAAI,CACV,+DAA+D;gBAC/D,2DAA2D,CAC5D,CAAC;SACH;QAED,qCAAqC;QACrC,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;YAC1D,OAAO,CAAC,IAAI,CACV,kFAAkF;gBAClF,iFAAiF,CAClF,CAAC;SACH;KACF;IAED,mBAAmB;IACnB,IAAI,MAAM,CAAC,cAAc,EAAE;QACzB,MAAM,OAAO,GAAG,MAAM,CAAC,cAAc,CAAC;QAEtC,qCAAqC;QACrC,MAAM,kBAAkB,GAAG;YACzB,wBAAwB;YACxB,iBAAiB;YACjB,kBAAkB;SACnB,CAAC;QAEF,KAAK,MAAM,MAAM,IAAI,kBAAkB,EAAE;YACvC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;gBACpB,OAAO,CAAC,IAAI,CAAC,6BAA6B,MAAM,6BAA6B,CAAC,CAAC;aAChF;SACF;KACF;AACH,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CACtB,aAAqB,EACrB,WAAmD,EACnD,mBAA8B;IAE9B,IAAI,CAAC,WAAW,IAAI,CAAC,mBAAmB,EAAE;QACxC,OAAO,KAAK,CAAC;KACd;IAED,kBAAkB;IAClB,IAAI,WAAW,KAAK,GAAG,EAAE;QACvB,OAAO,IAAI,CAAC;KACb;IAED,qCAAqC;IACrC,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;QAC9B,KAAK,MAAM,MAAM,IAAI,WAAW,EAAE;YAChC,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,aAAa,EAAE;gBAC1D,OAAO,IAAI,CAAC;aACb;YACD,IAAI,MAAM,YAAY,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE;gBAC1D,OAAO,IAAI,CAAC;aACb;SACF;KACF;SAAM,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE;QAC1C,OAAO,WAAW,KAAK,aAAa,CAAC;KACtC;SAAM,IAAI,WAAW,YAAY,MAAM,EAAE;QACxC,OAAO,WAAW,CAAC,IAAI,CAAC,aAAa,CAAC
,CAAC;KACxC;IAED,sDAAsD;IACtD,IAAI,mBAAmB,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE;QACzD,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE;YACzC,IAAI;gBACF,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC;gBAClC,IAAI,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE;oBAC7B,OAAO,IAAI,CAAC;iBACb;aACF;YAAC,OAAO,KAAK,EAAE;gBACd,OAAO,CAAC,IAAI,CAAC,iDAAiD,OAAO,EAAE,EAAE,KAAK,CAAC,CAAC;aACjF;SACF;KACF;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CAAC,MAAsB,EAAE,aAAsB;IAChF,MAAM,OAAO,GAA2B,EAAE,CAAC;IAE3C,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,aAAa,EAAE;QAClC,OAAO,OAAO,CAAC;KAChB;IAED,MAAM,EAAE,WAAW,EAAE,mBAAmB,EAAE,YAAY,EAAE,YAAY,EAAE,gBAAgB,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC;IAE/G,yCAAyC;IACzC,IAAI,eAAe,CAAC,aAAa,EAAE,WAAW,EAAE,mBAAmB,CAAC,EAAE;QACpE,uEAAuE;QACvE,OAAO,CAAC,6BAA6B,CAAC,GAAG,aAAa,CAAC;QAEvD,mDAAmD;QACnD,IAAI,YAAY,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE;YAC3C,OAAO,CAAC,8BAA8B,CAAC,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;SACnE;QAED,IAAI,YAAY,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE;YAC3C,OAAO,CAAC,8BAA8B,CAAC,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;SACnE;QAED,IAAI,gBAAgB,EAAE;YACpB,OAAO,CAAC,kCAAkC,CAAC,GAAG,MAAM,CAAC;SACtD;QAED,IAAI,MAAM,EAAE;YACV,OAAO,CAAC,wBAAwB,CAAC,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;SACvD;KACF;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAjCD,kDAiCC;AAED;;GAEG;AACH,SAAgB,0BAA0B,CACxC,MAAsB,EACtB,SAAc;IAEd,MAAM,OAAO,GAA2B,EAAE,CAAC;IAE3C,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,OAAO,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE;QACvE,OAAO,OAAO,CAAC;KAChB;IAED,MAAM,EAAE,sBAAsB,EAAE,oBAAoB,EAAE,GAAG,MAAM,CAAC,kBAAkB,CAAC;IAEnF,IAAI,sBAAsB,EAAE;QAC1B,OAAO,CAAC,sBAAsB,CAAC,GAAG,MAAM,CAAC;KAC1C;IAED,IAAI,oBAAoB,EAAE;QACxB,OAAO,CAAC,oBAAoB,CAAC,GAAG,gBAAgB,CAAC;KAClD;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AArBD,gEAqBC"}
|
|
@@ -11,9 +11,26 @@ export type ConfigRouteEntry = {
|
|
|
11
11
|
handlerPath: string;
|
|
12
12
|
authorizeRoute?: boolean;
|
|
13
13
|
};
|
|
14
|
+
export type SecurityConfig = {
|
|
15
|
+
cors?: {
|
|
16
|
+
allowOrigin?: string | string[] | RegExp | RegExp[];
|
|
17
|
+
allowOriginPatterns?: string[];
|
|
18
|
+
allowMethods?: string[];
|
|
19
|
+
allowHeaders?: string[];
|
|
20
|
+
allowCredentials?: boolean;
|
|
21
|
+
maxAge?: number;
|
|
22
|
+
};
|
|
23
|
+
defaultHeaders?: Record<string, string>;
|
|
24
|
+
jwtRotationHeaders?: {
|
|
25
|
+
enabled?: boolean;
|
|
26
|
+
rotationRequiredHeader?: string;
|
|
27
|
+
rotationReasonHeader?: string;
|
|
28
|
+
};
|
|
29
|
+
};
|
|
14
30
|
export type RouteConfig = {
|
|
15
31
|
authorizeAllRoutes?: boolean;
|
|
16
32
|
routes: Array<ConfigRouteEntry>;
|
|
33
|
+
security?: SecurityConfig;
|
|
17
34
|
};
|
|
18
35
|
export type RouteArguments = {
|
|
19
36
|
params?: any;
|
|
@@ -22,6 +39,7 @@ export type RouteArguments = {
|
|
|
22
39
|
form?: any;
|
|
23
40
|
rawEvent?: APIGatewayProxyEventV2 | APIGatewayProxyEvent;
|
|
24
41
|
routeData?: any;
|
|
42
|
+
responseHeaders?: Record<string, string>;
|
|
25
43
|
};
|
|
26
44
|
export interface RouteSchema {
|
|
27
45
|
params?: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types-and-interfaces.d.ts","sourceRoot":"","sources":["../../src/lib/types-and-interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AAC1E,OAAO,EAAE,MAAM,EAAE,MAAM,KAAK,CAAC;AAC7B,OAAO,KAAK,YAAY,MAAM,+BAA+B,CAAC;AAE9D,MAAM,MAAM,gBAAgB,GAAG;IAC7B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,KAAK,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,GAAG,SAAS,GAAG,OAAO,GAAG,MAAM,GAAG,KAAK,CAAC;IACjF,mBAAmB,EAAE,OAAO,CAAC;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,MAAM,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"types-and-interfaces.d.ts","sourceRoot":"","sources":["../../src/lib/types-and-interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AAC1E,OAAO,EAAE,MAAM,EAAE,MAAM,KAAK,CAAC;AAC7B,OAAO,KAAK,YAAY,MAAM,+BAA+B,CAAC;AAE9D,MAAM,MAAM,gBAAgB,GAAG;IAC7B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,KAAK,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,GAAG,SAAS,GAAG,OAAO,GAAG,MAAM,GAAG,KAAK,CAAC;IACjF,mBAAmB,EAAE,OAAO,CAAC;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,CAAC,EAAE;QACL,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,MAAM,EAAE,CAAC;QACpD,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;QAC/B,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;QACxB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;QACxB,gBAAgB,CAAC,EAAE,OAAO,CAAC;QAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,CAAC;IACF,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxC,kBAAkB,CAAC,EAAE;QACnB,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,sBAAsB,CAAC,EAAE,MAAM,CAAC;QAChC,oBAAoB,CAAC,EAAE,MAAM,CAAC;KAC/B,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,MAAM,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAChC,QAAQ,CAAC,EAAE,cAAc,CAAC;CAC3B,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,MAAM,CAAC,EAAE,GAAG,CAAC;IACb,IAAI,CAAC,EAAE,GAAG,CAAC;IACX,KAAK,CAAC,EAAE,GAAG,CAAC;IACZ,IAAI,CAAC,EAAE,GAAG,CAAC;IACX,QAAQ,CAAC,EAAE,sBAAsB,GAAG,oBAAoB,CAAC;IACzD,SAAS,CAAC,EAAE,GAAG,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC1C,CAAC;AAEF,MAAM,WAAW,WAAW;IAC1B,MAAM,CAAC,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAA;KAAE,CAAC;IACxC,KAAK,CAAC,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAA;KAAE,CAAC;IACvC,IAAI,CAAC,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAA;KAAE,CAAC;IACtC,WAAW,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,GAAG;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAA;KAAE,CAAC;IAC3D,YAAY,CAAC,EAAE,MAAM,CAAC,GAAG,CAAC,GAAG;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,
MAAM,CAAC,GAAG,CAAC,CAAA;KAAE,CAAC;CAC7D;AAED,MAAM,WAAW,kBAAmB,SAAQ,YAAY,CAAC,cAAc;CAAG;AAE1E,MAAM,WAAW,aAAc,SAAQ,YAAY,CAAC,cAAc;IAChE,KAAK,EAAE;QACL,UAAU,EAAE,MAAM,CAAC;QACnB,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;CACH;AAED,MAAM,WAAW,YAAa,SAAQ,YAAY,CAAC,cAAc;IAC/D,IAAI,EAAE,GAAG,CAAC;CACX;AAED,MAAM,MAAM,cAAc,CAAC,CAAC,IAAI,YAAY,GAAG,aAAa,CAAC;AAE7D,MAAM,MAAM,iBAAiB,CAAC,CAAC,IAAI;KAChC,GAAG,IACA,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GACL,KAAK,GAAG,cAAc,CAAC,CAAC,CAAC;CAC9B,CAAC;AAEF,MAAM,WAAW,aAAa,CAAC,CAAC,CAAE,SAAQ,iBAAiB,CAAC,CAAC,CAAC;IAC5D,KAAK,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC;CAC1B;AAED,MAAM,MAAM,6BAA6B,GAAG,CAAC,KAAK,EAAE,WAAW,KAAK,cAAc,CAAC;AACnF,MAAM,MAAM,gCAAgC,GAAG,CAAC,KAAK,EAAE,cAAc,KAAK,GAAG,CAAC;AAC9E,MAAM,MAAM,eAAe,GAAG,KAAK,CAAC,gCAAgC,CAAC,CAAC;AACtE,MAAM,MAAM,WAAW,GAAG;IACxB,UAAU,EAAE,eAAe,CAAC;IAC5B,WAAW,EAAE,WAAW,CAAC;CAC1B,CAAC;AAEF,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,gBAAgB,EAAE,MAAM,CAAC;IACzB,OAAO,EAAE,OAAO,CAAC;IACjB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,MAAM,EAAE;QACN,KAAK,EAAE,MAAM,CAAC;QACd,iBAAiB,EAAE,MAAM,CAAC;KAC3B,CAAC;CACH"}
|
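--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "aws-lambda-api-tools",
-"version": "0.1.
+"version": "0.1.24",
 "description": "",
 "main": "dist/index.js",
 "bin": {
@@ -41,6 +41,7 @@
 "typescript": "~4.9.5"
 },
 "dependencies": {
+"@aws-sdk/client-iam": "^3.896.0",
 "@types/atob": "^2.1.2",
 "@types/aws-lambda": "^8.10.152",
 "@types/formidable": "^1.2.3",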
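Review bot: The new `"@aws-sdk/client-iam": "^3.896.0"` entry sits under `dependencies`, so every consumer that installs this library for its Lambda handlers also installs an IAM management client, and the caret range accepts any later 3.x release. The file list suggests the client is only needed by `bin/bootstrap-iam.js` (inferred; that file is not shown here), in which case it would fit better as an optional or peer dependency, or in a separate CLI package, keeping the runtime bundle and its dependency surface smaller. The `dependencies` object continues outside the hunk.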